Other Factors

By Paul F. Roberts  |  Posted 2006-01-26 Print this article Print

However, there are many other factors will determine whether Mac systems will be targets of future attacks, experts say. "[Software] vulnerabilities still depend on the OS, not the underlying architecture," said Erik Tayler, a security consultant at IOActive. "It will still come down to writing good code."
OS X is generally a stable operating system that is built on top of BSD (Berkeley Software Distribution) Unix, and already has features such as automatic software updates, said Mark Grimes, an OS X security expert who runs Stateful Labs in San Diego, Calif.
Apple is also investing in security talent, and also pushing for stringent Common Criteria certification of OS X so that the operating system can be adopted by government agencies, Grimes said. However, OS X is still a very "open" operating system compared to Windows, Grimes said. "There are things you can do with OS X that are kind of scary," he said. The emergence of "haxies"—hacks for OS X that are used to make small adjustments to the user interface or applications are evidence that OS X could be used to spread malicious code, though maybe not self propagating viruses and worms, he said. Security companies from IBM to Symantec Corp. have warned that attacks against OS X are on the rise, though they are still a small fraction compared to attacks on Windows systems. A rich selection of OS X exploits can be found at online hacking sites like the Metasploit Project. Despite that, OS X lacks many of the security enhancements, such as stack protection, that companies like Microsoft have added in recent years to blunt the impact of malicious code attacks, analysts say. "Every part of memory is executable by default," Grenier said. "Just about every place you can stick data into memory, you can get it to execute." That makes it easier to compromise OS X systems for hackers who get access to them, she said. While Mac is immune to much of the Windows-focused malicious code that circulates on the Internet, that doesnt mean the operating system is without holes, as the frequent operating system patches from Apple indicate, she said. With a relatively tiny user population and little presence on corporate networks, however, those patches usually dont make news. "Every time you get an update for OS X, there are a slew of under-publicized vulnerabilities. You might have five, 10 or 15 security flaws, but nobody murmurs," Grenier said. In the end, the interest in Mac as a target may simply be a factor of its popularity. And switching to Intel could make the systems much more popular, analysts say. Still, Apple should invest in technologies that make it harder for malicious code to run on their machines now, rather than waiting to see what happens. Protections against memory and stack overflows are a good place to start, analysts agree. "Technologies that protect against stack based overflows are readily available, and its not difficult to leverage those and incorporate them into the OS," Friedrichs said. Apple should consider putting a large, public effort into security, much as its bitter rival Microsoft did with Trustworthy Computing, or the open-source GrSecurity effort to improve Linux security, Grenier said. OS X exploits arent uncommon. The shift to Intel could be just the change that makes it worthwhile to write exploits for them, she said. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel